UPDATE 1-U.S. SEC chair says does not support call for delay to new regulatory audit system

Reuters Staff

4 Min Read

(Recasts with statement by SEC Chair Jay Clayton)

By John McCrank

NEW YORK, Nov 14 (Reuters) - The Chairman of the U.S. securities regulator said on Tuesday he did not support an industry request that had cited cyber security concerns to delay the rollout of a massive new database aimed at helping the regulator better police markets.

U.S. stock exchanges on Monday requested the Securities and Exchange Commission (SEC) postpone by a year implementation of the first phase of the Consolidated Audit Trail, or CAT, which was to begin on Wednesday, according to a letter to the SEC dated Nov. 13 and posted on its website.

It was signed by representatives from Intercontinental Exchange’s New York Stock Exchange, Nasdaq Inc, CBOE Global Markets and other exchanges.

The request is largely due to security concerns, including the lack of ability for users to test the system in an environment with production-level security, the exchanges said.

“Recent high-profile security breaches, such as the breach at Equifax, have highlighted the vulnerability of systems holding large volumes of sensitive financial data to hacking and other forms of attack,” they said in the letter.

The exchanges also said they have had difficulties approving a chief information security officer to oversee security of the database, which would be one of the world’s largest.

However, on Tuesday SEC Chair Jay Clayton said he could not support the requested delay but that he would continue to work closely with the exchanges to address their concerns.

“With regard to cybersecurity, I have informed the that protection of the information submitted to the CAT is of paramount importance and that I am open to various paths for addressing cybersecurity matters,” he said in a statement.

“Additionally, I have made it clear that the SEC will not retrieve sensitive information from the CAT unless we believe appropriate protections are in place.”

Clayton’s rejection of the request means the implementation of the first phase of CAT is set to formally begin as scheduled on Wednesday, although it is unclear if the exchanges will be able to comply on time.

The CAT has been hit by a series of delays since being ordered by the SEC after the May 2010 “flash crash”, even though the regulator has said it views completion of the database as critical to its oversight of markets.

It has been likened to a Hubble Telescope for financial markets and will be a central database for all stock and options “message traffic”, meaning every trade order, execution, modification and cancellation. It will also hold highly sensitive personal identifying information, such as the social security numbers of exchange customers.

After the flash crash, in which around $1 trillion was wiped from the stock market within minutes before an almost equally rapid rebound, it took several months to piece together the data needed to attempt to diagnose what caused the event. CAT would greatly speed up such an investigation.

The SEC tasked the exchanges with creating CAT’s rules, including how it would be funded. A fee plan for the project has faced delays after some financial firms complained that the exchanges wanted fees from brokers, banks and other traders to cover the bulk of the costs. (Reporting by John McCrank; Editing by Dan Grebler and Muralikumar Anantharaman)